Federal officials are calling on telecommunication companies to boost national security by using encrypted messaging apps following an unprecedented Chinese hacking campaign against more than half a dozen telecom firms in the U.S.
The sprawling cyberattack campaign, dubbed Salt Typhoon by Microsoft, was first announced in October after officials discovered hackers tried to access the networks of various telecom companies and in turn the data of some customers.
The actors were able to steal a “large amount of records,” a senior FBI official told reporters on Tuesday, including information on where, when and with whom individuals were communicating. The stolen records did not include voice or text content, the official added.
In a separate call Wednesday, deputy national security adviser Anne Neuberger confirmed at least eight U.S. telecom firms and dozens of nations were impacted by the hacking campaign, The Associated Press reported.
To protect agencies in the future, the FBI, National Security Administration (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint guide on Tuesday aimed at protecting communications-related companies from future hacking.
“We don’t have any illusion that once we kick off these actors they’re not going to come back,” Jeff Greene, executive assistant director for cybersecurity at CISA, told reporters.
Part of this guidance directs Americans to use encrypted message apps to avoid potential interference, Greene added.
“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” he said.
Among those targeted in the Salt Typhoon hacks were some involved in the government or political activities, officials said earlier this year.
While officials have not revealed exactly how many were targeted, President-elect Trump and Vice President-elect Vance were among the phones reportedly targeted.
Officials on Tuesday confirmed remediation of the hacking campaign is not yet complete and the U.S. still does not know the full extent of the attack tied to Chinese hackers. They noted some of the targeted information related to law enforcement investigations and court orders.
Neuberger on Wednesday told reporters the U.S. does not believe any classified communications were compromised, the AP reported.
When asked about the comments, a spokesperson for the Chinese Embassy in Washington called the allegations “disinformation,” accusing the U.S. of spreading such claims for “its own geopolitical purposes.”
“China firmly opposes and combats all kinds of cyber attacks. The US needs to stop its own cyberattacks against other countries and refrain from using cyber security to smear and slander China,” embassy spokesperson Liu Pengyu said in a statement, criticizing “unfounded speculation and accusations.”
